FACTOID # 30: If Alaska were its own country, it would be the 26th largest in total area, slightly larger than Iran.
 
 Home   Encyclopedia   Statistics   States A-Z   Flags   Maps   FAQ   About 
   
 
WHAT'S NEW
RELATED ARTICLES
People who viewed "Authentication" also viewed:
 

SEARCH ALL

FACTS & STATISTICS    Advanced view

Search encyclopedia, statistics and forums:

 

 

(* = Graphable)

 

 


Encyclopedia > Authentication

Authentication (from Greek αυθεντικός; real or genuine, from authentes; author) is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. Authenticating an object may mean confirming its provenance, whereas authenticating a person often consists of verifying their identity. Authentication depends upon one or more authentication factors. Look up authenticity, authentic in Wiktionary, the free dictionary. ... Provenance is the origin or source from which anything comes. ... In authentication, a factor is a piece of information used to verify a persons identity. ...


There are many fields where authentication is necessary:

Contents

Products

Counterfeit products are common: electronics, clothing, pharmaceuticals, etc. Authentication is necessary to help ensure that the product is authentic to protect consumers and for brand protection. Special seals, marks, and labels are often used to aid authentication. For other uses, see Counterfeit (disambiguation). ... Labels is a song by Wu-Tang Clan member GZA. It explains how rappers at the time fall for a trap set by labels in the music industry thinking that they are going to get themselves wealthy and happy when actually the labels dont help them at all. ...


Money

Counterfeit banknotes and cheques are a continuing problem. Great efforts are being made to make authentication easier and more reliable. For other uses, see Counterfeit (disambiguation). ... A £20 Ulster Bank banknote. ... Example of a Canadian cheque. ...


Packages

In packaging and labelling, authentication refers to the use of special seals, labels, or markings which indicate that the package and contents are authentic. Sometimes substitute pharmaceuticals, perfume, fashion clothing, etc. are marketed as authentic when, in fact, they are not. A sealed pack of diced pork from Tesco. ...


Credit Cards

It is often necessary to authenticate a credit card prior to completing a transaction. Look up credit card in Wiktionary, the free dictionary. ...


Computer Security

In computer security, authentication is the process of attempting to verify the digital identity of the sender of a communication such as a request to log in. The sender being authenticated, often referred to as the principal, may be a person using a computer, a computer itself or a computer program. A blind credential, in contrast, does not establish identity at all, but only a narrow right or status of the user or program. This article describes how security can be achieved through design and engineering. ... Digital identity refers to the aspect of digital technology that is concerned with the mediation of peoples experience of their own identity and the identity of other people and things. ... Note: to sign yourself into Wikipedia, go to the login page. ... This article is about the machine. ... A computer program is a collection of instructions that describe a task, or set of tasks, to be carried out by a computer. ... A blind credential is a token asserting that someone qualifies under some criteria or has some status or right, without revealing who that person is — without including their name or address, for instance. ...


In a web of trust, "authentication" is a way to ensure users are who they say they are—that the user who attempts to perform functions in a system is in fact the user who is authorized to do so. In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and a user. ...


To distinguish authentication from the closely related term authorization, the short-hand notations A1 (authentication) and A2 (authorization) are occasionally used. The terms AuthN / AuthZ or Au / Az are also used to make this distinction in some communities. In security engineering and computer security, authorization, is a part of the operating system that protects computer resources by only allowing those resources to be used by resource consumers that have been granted authority to use them. ...


The problem of authorization is often thought to be identical to that of authentication; many widely adopted standard security protocols, obligatory regulations, and even statutes are based on this assumption. However, more precise usage describes authentication as the process of verifying a person's identity, while authorization is the process of verifying that a known person has the authority to perform a certain operation. Authentication, therefore, must precede authorization. For example, when you show proper identification to a bank teller, you could be authenticated by the teller, and you would be authorized to access information about your bank accounts. You would not be authorized to access accounts that are not your own. In security engineering and computer security, authorization, is a part of the operating system that protects computer resources by only allowing those resources to be used by resource consumers that have been granted authority to use them. ... “Standard” redirects here. ... A cryptographic protocol is an abstract or concrete protocol that performs a security-related function and applies cryptographic methods. ...


Since authorization cannot occur without authentication, the former term is sometimes used to mean the combination of authentication and authorization.


Access control

One familiar use of authentication is access control. A computer system supposed to be used only by those authorized must attempt to detect and exclude the unauthorized. Access to it is therefore usually controlled by insisting on an authentication procedure to establish with some established degree of confidence the identity of the user, thence granting those privileges as may be authorized to that identity. Common examples of access control involving authentication include: Access control is the ability to permit or deny the use of something by someone. ...

However, note that much of the discussion on these topics is misleading because terms are used without precision. Part of this confusion may be due to the 'law enforcement' tone of much of the discussion. No computer, computer program, or computer user can 'confirm the identity' of another party. It is not possible to 'establish' or 'prove' an identity, either. There are tricky issues lurking under what appears to be a straightforward surface. “Cash machine” redirects here. ... Online banking (or Internet banking) is a term used for performing transactions, payments etc. ...


It is only possible to apply one or more tests which, if passed, have been previously declared to be sufficient to proceed. The problem is to determine which tests are sufficient, and many such are inadequate. There have been many instances of such tests having been spoofed successfully; they have by their failure shown themselves, inescapably, to be inadequate. Many people continue to regard the test(s) -- and the decision to regard success in passing them—as acceptable, and blame their failure on 'sloppiness' or 'incompetence' on the part of someone. The problem is that the test was supposed to work in practice -- not under ideal conditions of no sloppiness or incompetence—and did not. It is the test which has failed in such cases. Consider the very common case of a confirmation email which must be replied to in order to activate an online account of some kind. Since email can easily be arranged to go to or come from bogus and untraceable addresses, this is an extremely weak authentication method. Bogus is a 1996 Warner Bros. ...


Multifactor authentication

Main article: Two-factor authentication

Human authentication factors are generally classified into three cases: An authentication factor is a piece of information and process used to authenticate or verify a persons identity for security purposes. ... This article is about modern humans. ... In authentication, a factor is a piece of information used to verify a persons identity. ...

Often a combination of methods is used, e.g., a bankcard and a PIN, in which case the term 'two-factor authentication' is used. In 2006, several scientists at RSA Laboratories published a paper exploring social networking as a fourth factor of human authentication. Several types of security tokens. ... To meet Wikipedias quality standards, this article or section may require cleanup. ... Look up phone in Wiktionary, the free dictionary. ... Motorola T2288 mobile phone A mobile phone is a portable electronic device which behaves as a normal telephone whilst being able to move over a wide area (compare cordless phone which acts as a telephone only within a limited range). ... A password is a form of secret authentication data that is used to control access to a resource. ... A passphrase is a collection of words used for access control, typically used to gain access to a computer system. ... PINs are most often used for ATMs but are increasingly used at the Point of sale, especially for debit cards. ... A macro shot of a palm and the base of several fingers; as seen here, debris can gather between the ridges. ... Human eye cross-sectional view. ... The structure of part of a DNA double helix Deoxyribonucleic acid, or DNA, is a nucleic acid molecule that contains the genetic instructions used in the development and functioning of all known living organisms. ... For other uses, see Signature (disambiguation). ... Speech recognition technologies allow computers equipped with a source of sound input, such as a microphone, to interpret human speech, e. ... At Disney World, biometric measurements are taken of the fingers of multi-day pass users to ensure that the pass is used by the same person from day to day. ... An authentication factor is a piece of information and process used to authenticate or verify a persons identity for security purposes. ... This article is about an algorithm for public-key encryption. ... Not to be confused with social network services such as MySpace, etc. ...


Historically, fingerprints have been used as the most authoritative method of authentication, but recent court cases in the US and elsewhere have raised fundamental doubts about fingerprint reliability. Other biometric methods are promising (retinal and fingerprint scans are an example), but have shown themselves to be easily spoofable in practice. A macro shot of a palm and the base of several fingers; as seen here, debris can gather between the ridges. ... Forgery is the process of making or adapting objects or documents (see false document), with the intention to deceive. ...


In a computer data context, cryptographic methods have been developed (see digital signature and challenge-response authentication) which are currently not spoofable if and only if the originator's key has not been compromised. That the originator (or anyone other than an attacker) knows (or doesn't know) about a compromise is irrelevant. It is not known whether these cryptographically based authentication methods are provably secure since unanticipated mathematical developments may make them vulnerable to attack in future. If that were to occur, it may call into question much of the authentication in the past. In particular, a digitally signed contract may be questioned when a new attack on the cryptography underlying the signature is discovered. In cryptography, a digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. ... In computer security, challenge-response authentication is a family of protocols in which one party presents a question (challenge) and another party must provide a valid answer (response) to be authenticated. ... In cryptography, an adversary (rarely opponent, enemy) is a malicious entity whose aim is to prevent the users of the cryptosystem from achieving their goal (primarily privacy, integrity and availability of data). ... In cryptography, a digital signature or digital signature scheme is a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. ... Legal instrument is a legal term of art that is used for any written legal document such as a certificate, a deed, a will, an Act of Parliament or a law passed by a competent legislative body in municipal (domestic) or international law. ...


Strong authentication

The U.S. Government's National Information Assurance Glossary defines strong authentication as: Motto: (Out Of Many, One) (traditional) In God We Trust (1956 to date) Anthem: The Star-Spangled Banner Capital Washington D.C. Largest city New York City None at federal level (English de facto) Government Federal constitutional republic  - President George Walker Bush (R)  - Vice President Dick Cheney (R) Independence from... The National Information Assurance Glossary, published by the Committee on National Security Systems of the United States federal government, is an unclassified glossary of Information security terms intended to provide a common vocabulary for discussing Information Assurance concepts. ...

Layered authentication approach relying on two or more authenticators to establish the identity of an originator or receiver of information.

See also

This article or section does not cite any references or sources. ... Public key cryptography is a form of cryptography which generally allows users to communicate securely without having prior access to a shared secret key, by using a pair of cryptographic keys, designated as public key and private key, which are related mathematically. ... In computing, geolocation software is used to deduce the geographic location of the other party in a message exchange, for example on the Internet. ... Kerberos is the name of a computer network authentication protocol, which allows individuals communicating over an insecure network to prove their identity to one another in a secure manner. ... Secure Shell or SSH is a network protocol that allows data to be exchanged over a secure channel between two computers. ... Encrypted Key Exchange is an authentication protocol which uses two messages to establish a key, and then verifies a match in two transmissions. ... The Secure Remote Password Protocol (SRP) is a password-authenticated key agreement protocol which allows a user to authenticate herself to a server, which is resistant to dictionary attacks mounted by an eavesdropper, and does not require a trusted third party. ... Closed-loop Authentication Closed-loop authentication, as applied to computer network communication, refers to a mechanism whereby one party verifies the purported identity of another party by requiring them to supply a copy of a token transmitted to the canonical or trusted point of contact for that identity. ... Remote Authentication Dial In User Service (RADIUS) is an AAA (authentication, authorization and accounting) protocol for applications such as network access or IP mobility. ... DIAMETER is a computer networking protocol for AAA (Authentication, Authorization and Accounting). ... A keyed-hash message authentication code, or HMAC, is a type of message authentication code (MAC) calculated using a cryptographic hash function in combination with a secret key. ... Extensible Authentication Protocol, or EAP, is a universal authentication framework frequently used in wireless networks and Point-to-Point connections. ... An authentication factor is a piece of information and process used to authenticate or verify a persons identity for security purposes. ... In security engineering and computer security, authorization, is a part of the operating system that protects computer resources by only allowing those resources to be used by resource consumers that have been granted authority to use them. ... At Walt Disney World, biometric measurements are taken from the fingers of guests to ensure that the persons ticket is used by the same person from day to day For the use of statistics in biology, see Biostatistics. ... The Authentication Open Service Interface Definition (OSID) is an O.K.I. specification which supports invoking an authentication process. ... Early CAPTCHAs such as these, generated by the EZ-Gimpy program, were used on Yahoo. ... TCP Wrapper is a host-based Networking ACL system, used to filter network access to Internet Protocol servers on (Unix-like) operating systems such as Linux or BSD. It allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens on which to filter... Each secret share is a plane, and the secret is the point at which three shares intersect. ... Athens is an Access and Identity Management service that is supplied by Eduserv to provide single sign-on to protected resources combined with full user management capability. ... OpenID is a decentralized system to verify ones online identity. ... PAPI (Point of Access for Providers of Information) is a system for providing access control to restricted information resources across the Internet. ... Java Authentication and Authorization Service, or JAAS, pronounced Jazz, is a Java security framework for user-centric security to augment the Java code-based security. ...

External links


  Results from FactBites:
 
What is authentication? - a definition from Whatis.com - see also: authenticate (336 words)
- Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
In private and public computer networks (including the Internet), authentication is commonly done through the use of logon passwords.
Logically, authentication precedes authorization (although they may often seem to be combined).
  More results at FactBites »

 
 

COMMENTARY     


Share your thoughts, questions and commentary here
Your name
Your comments

Want to know more?
Search encyclopedia, statistics and forums:

 


Press Releases |  Feeds | Contact
The Wikipedia article included on this page is licensed under the GFDL.
Images may be subject to relevant owners' copyright.
All other elements are (c) copyright NationMaster.com 2003-5. All Rights Reserved.
Usage implies agreement with terms, 1022, m